The complexity and rising costs associated with ESI and eDiscovery services are forcing innovation and market disruption with predictable pricing models, as seen in Trustpoint’s Managed Solutions offerings. There are many vendors claiming to offer similar eDiscovery managed services. They might have a bullet point on their website and may even have a web page dedicated to the model, but are eDiscovery managed services a core focus of their organization? How can you tell? One way is by examining how the eDiscovery provider allocates resources and makes money. Trustpoint is moving away from pricing its services in the traditional per-GB model, where each step in the process is more expensive than the previous, and toward aligning its interests with their clients’, making Trustpoint a true eDiscovery Managed Solutions provider. In addition to addressing the needs of any given project, the Trustpoint approach focuses on a comprehensive business solution to handle all of an organization’s projects, enabling more control over their eDiscovery business. These engagements can include a combination of workflow, technology and infrastructure support and are priced at the environment level. Following are two examples:

• In the case of an organization that wants to directly license eDiscovery software, they can engage Trustpoint to host the software, manage upgrades, storage and other IT functions, the law firm would pay a predictable flat monthly fee for this service to handle all their cases.
• Then there are multi-tenancy engagements, where groups want full control of an eDiscovery platform but do not want the upfront licensing and hardware expense. In this case, they would get administrative control and capacity for a fixed monthly fee.

To recap, rather than charging increasingly large fees due to the infinite growth of ESI that needed to be collected, accessed, managed, and stored for eDiscovery (and the enormous financial burden to clients that comes with it), Trustpoint.One delivers a non-zero-sum Managed SolutionsTM model, giving legal teams the infrastructure, technology and priority customer service they demand– but for a fixed monthly fee.

 

In our playbook, step one is managing your data better.

Technology is all around us, and it’s fueling the 21st century data boom. This ubiquitous technology is creating billions of pieces of communication a day.

A report by the Radicati Group, a technology market research firm, indicated that the total number of business and consumer emails sent and received per day would exceed 281 billion in 2018. Radicati forecasts that number will grow to more than 333 billion by 2022.

How does this apply to law-firms and in-house legal departments? Let’s examine how the industry is dealing with Big Data and the infrastructure required to contain and manage it.

Emails are the most prominent example of ESI–especially in the legal industry. However, there’s more to consider. For example, organizations who have moved to Microsoft 365 may still have on-premise exchange platforms, employees may keep.pst mailbox files on their local hard drives, old data may be maintained in legal-hold platforms, or terminated user data may live on networks indefinitely––not to mention content on a variety of disparate platforms like Dropbox, Google drive, SharePoint or various social media sites.

With increases in data stores, their locations, and the need for organizations “to satisfy their retention duty,” more businesses and their advocates must manage data better and limit the amount of information that makes it downstream to vendors and case teams.

A Managed Solution engagement can be customized and specifically tailored to encompass a corporation’s Information Governance (IG), Preservation and Collection needs. These engagements allow organizations to leverage professionals with extensive electronic data experience to help draft information governance plans and data maps to develop smarter preservation and collection methods.  These solutions simultaneously address retention-duty obligations and reduce data volumes that ultimately need to be reviewed.  For example:

  • Deploy a “Preservation Managed Solution” where the collection of custodians and data stores (frequently a target of document requests) are put on a regular collections schedule.  This helps with an organization’s litigation readiness and eliminates the need to recollect data. 
  • An “IG Front-End Solution” can also help in the processing and review stages of the Electronic Discovery Reference Model (EDRM) by re-purposing the data and attorney work product. Organizations can put processes in place where data that is relevant to multiple matters is processed only once. In this case, the coding decisions and work product can be reused.

 

 

The pace of technological innovation and the explosion of electronically stored information (ESI) has forced the legal industry to adapt quickly. This is particularly true when it comes to eDiscovery.

The vast amounts of data created by email, text and social media meant eDiscovery providers themselves needed technology to deal with these new challenges. While the market is somewhat established by now, that doesn’t mean innovation is static. As we move into a new year, eDiscovery service providers must look ahead to what’s next.

Here are five eDiscovery tech trends to watch in 2019.

Tech-Certified Staff

More and more, legal teams will need versatile, multidisciplined teams during the review stage. Janice Hollman, of Relativity®, Trustpoint.One’s trusted partner, elaborated in a discussion with Legal Tech:

“In 2019, we’ll continue to see more paralegals and litigation support professionals getting certified—along with increased demand for tech-trained paralegals and lawyers.”

Privacy Tipping Point

After years of data breaches—including some high profile incidents in 2018—and privacy concerns, regulations are starting to catch up. For instance, the General Data Protection Regulation, or GDPR, recently took effect in the United States. It’s a European Union law regulating data security for data housed or transferred from the EU.

As Leonard Deutchman at the Legal Intelligencer notes, this means legal teams will need to take steps to comply with the GDPR going forward. From a technological standpoint, eDiscovery service providers will have to be up to date and in compliance with privacy laws.

However, the GDPR isn’t the only concern. Now most states have data breach standards, and California recently passed a sweeping digital privacy law that goes into effect in 2020. Therefore, it’s necessary that eDiscovery service providers are ready to incorporate data privacy protections into their processes.

Active Learning

As the amount of data collected during review increases, active learning will be valuable for reviewers. It’s a tool that is constantly learning based on reviewers’ coding decisions. It uses those decisions to identify important documents. As a project progresses and more coding decisions are made, the results are refined.

By running this and utilizing other analytics tools such as email threading and cluster visualization, reviewers can create a highly efficient workflow to sort data by issue, prepare evidence for litigation, prioritize documents for batching or allow for quality control.

Increased Translation Demands

We’re living in a global economy where companies are increasingly doing business across international borders. As Michael Swarz of Veritone suggests, this means that there will be an increased demand for quality translation services during eDiscovery. He said:

“2019 will be the year demand for translation of any ESI file—text, audio and video—will balloon to meet increasingly globalized e-discovery & compliance requirements. Firms will look for robust translation options, whether machine or human, to translate international files into the language of their choice—by location, accent and dataset—to win their case.”

Reckoning with Office 365

Many companies use Microsoft’s Office 365, which provides some limited eDiscovery tools for preservation of data, data identification and other tasks. Some in the industry, such as Phil Shellhaas, EVP of Discovery Solutions at Trustpoint.One, view the increased adoption of Office 365 as a positive.

He said: “The integration of Office 365 and their advancements in the overall toolset have allowed the collection of custodian mailboxes for downstream litigation to take place at a much more efficient pace.  No longer do we have to worry about deploying a forensic technician into a data center to manage an Exchange Database onsite with a client’s IT professional, which would result in grabbing massive amounts of data due to the limitiations on filtering onsite.  Now the data can be retrieved in a forensically sound manner, utilizing filters right from the cloud.  It is faster and more efficient.”

Conversely, a 2017 report by Gartner described these eDiscovery capabilities as “immature.” Proofpoint, an enterprise security company, also notes that its capabilities are likely fine for organizations not typically involved in litigation. Those that are could require additional support from third parties in areas such as retention management, legal hold, eDiscovery search and content sources.

Relativity has already identified this gap. Its Legal Hold feature allows eDiscovery administrators to “…preserve a custodian’s Microsoft Office 365 data, including Exchange mailboxes, OneDrive files, and Skype for Business conversations.”

No matter your assessment of Office 365, eDiscovery service providers would be wise to keep an eye on it in the coming year.

As technology evolves, Trustpoint.One always leverages cutting-edge technology and top talent to deliver streamlined eDiscovery solutions. If you need help, contact us today!

As technology continues to evolve, companies have had to become more creative when it comes to managing vast amounts of data. However, technology can also be used to deal with this issue via analytical applications and tools.

Trustpoint.One takes this challenge seriously, and we’ve built our technology and software around data analytics. In practice, this approach improves eDiscovery processes by weeding out irrelevant data and keeping the most important data for litigation.

Here are four analytics strategies for eDiscovery you can implement to effectively manage data.

Email Threading

Email threading segments emails by gathering forwards, replies and reply-alls together. This makes it easy to track related emails and reconstruct email threads. Trustpoint.One’s agnostic approach to technology deployment allows for organization and management of emails using::

  • Email threads
  • People involved in an email conversation
  • Email attachments (if the Parent ID is provided along with the attachment item)
  • Duplicate emails

Redundancies can be identified by text analysis of email threads, minimizing the number of documents that need to be reviewed. This reduces the amount of data to be reviewed, and it saves money in personnel and resources, as well.

Near-Duplicate Identification

Another useful analytical tool that’s closely related to email threading is near-duplicate identification. Like email threading, near-duplicate identification is a common textual analytics tool. It calculates document similarity via the textual content of a document.

For example, this tool could identify two different types of documents, such as an email and a PDF attachment containing the same, or nearly the same, content. The value of this approach is that you can tag these documents and either group them together or exclude them based on your needs.

Near-duplicate identification can also serve as an important quality control measure. For instance, there could be a situation where reviewers have found a cache of privileged documents in the data set. But what if some of these privileged documents were missed? You could easily find near-duplicates of the documents already collected and re-review the new set for inconsistencies.

Keyword Expansion

Keyword expansion is a simple analytics tool that can help you during eDiscovery. This common practice takes your set of defined keywords and identifies conceptually similar keywords based on your data set. Note that it finds conceptually similar terms, not just synonyms of your keyword list.

This helps build on your initial keyword list, and it should give you a better understanding of the important issues related to the case. Additionally, it helps you collect documents you would have otherwise missed—for example, those containing project code names.

Along with cluster visualization, this is an expedient way to help organize your data set.

Cluster Visualization

Cluster visualization is just what it sounds like. It’s the process of displaying data in a visual graph, often using word or subject clusters.

There’s only so much information a person can interpret when looking at a table view list of documents. Cluster visualization solves that problem. The advantage of this strategy is that it allows for reviewers to analyze and gain insights from data at a glance, making it much more efficient.

Additionally, it’s helpful for sorting information during eDiscovery—especially data with conceptual content instead of numerical data. You can quickly see which subjects in the data set appear most frequently, and you can also group conceptually similar documents.

Reviewers can further sort data by overlaying keywords to identify and flag the clusters that correspond to relevant terms. Overall, this will facilitate a better understanding of a case.

Are these four strategies part of your eDiscovery routine? If not, Trustpoint.One can handle your eDiscovery needs and more. Contact us today for more information.

Anywhere there’s sensitive information on the Internet, there is also a chance of a data breach. Recently, companies such as Under Armour, Panera and Macy’s have made headlines due to data breaches. They’re becoming a regular occurrence for companies and consumers.

The Identity Theft Resource Center has been tracking data breaches since 2005. From 2005 to Aug. 31, 2018, there have been a total of 9,395 data breaches, exposing more than 1 billion records.

While consumer data breaches related to big B2C brands are highly publicized, corporate eDiscovery data presents another target for hackers. Data involved with the eDiscovery process often contains valuable information such as intellectual property and trade secrets. Therefore, it’s important to take the proper steps to protect it.

Here are four ways to protect corporate eDiscovery data.

A Culture of Security

Sensitive data is easier to protect when everyone in the company is on board. This is the foundation of secure data. Employees—no matter their status—have to be aware of the ways they could potentially put their company at risk.

Executives are often targets because of their access to valuable knowledge and influence within organizations. Despite this, many are not invested in cybersecurity. A survey of 9,500 executives found only 39 percent have a hand in setting cybersecurity policies and just 31 percent actively review cybersecurity risks.

Get everyone on the same page with a formal internet policy for your organization. Make it clear what practices—say, accessing personal email accounts—are not allowed at the office nor on any company devices. It might be helpful to consult an IT specialist when drawing up these rules. If you already have a policy in place, regularly communicate with employees about cybersecurity risks, hold meetings and ask the IT department to speak about the issue.

This way, everyone from top to bottom will feel a duty to keep data safe.

Hygienic and Secure Collection

As John deCraen, senior director at Alvarez & Marsal, and Nik Balepur, solutions architect at Relativity®, discussed in their talk about cybersecurity and eDiscovery, you can mitigate risks with hygienic and secure collection methods.

What does this look like?

During collection, equipment with no other data on it should be used. Data should also be saved with encrypted media and standardized methods, such as randomly generated passwords. If the data is encrypted at the time of collection, it should protect personal or sensitive data. In case of hardware failure during transit, copies should be made of the data being collected.

Additionally, as deCraen and Balepur note, advanced malware scanning should be employed for imports and infected file protocols, and reporting should be clearly stated so infected files can be dealt with expediently and effectively, too.

Secure collection protects data, but an emphasis on security must also continue after collection

Controlled Data Access

The more people involved with handling eDiscovery data, the more opportunities there are for data breaches.. Once the data has been collected, access should be strictly limited to staff working directly on the case. Make sure your permissions are set up correctly via user/role-based accesses to accomplish this.

Naturally, eDiscovery providers should have high security certifications and the infrastructure necessary to keep data safe.

A Trusted, Certified Partner

Your data, and your clients’ data, is too important to leave in the hands of someone you don’t trust. This is why Trustpoint.One offers industry-leading security across our entire hosted platform environment, including Relativity and other eDiscovery tools.

Furthermore, our operating environments are certified with these security protections: certified SOC 2 Type 2, ISO 27001, Privacy Shield and HIPPA certified. Not every company has all of these protections to limit access to data.

If you have eDiscovery needs and want to stop worrying about your data, contact Trustpoint.One. We make sure you data is secure, so you feel the same way

It can be difficult enough to mechanically sort through hundreds or even thousands of digital documents while preparing for litigation. However, if you’re working with clients abroad, you’ll also need to comply with international standards, which can complicate the process further.

If your work involves international business, you’re likely familiar with the EU-US Privacy Shield.

Keeping with today’s modernized global culture, the agreement sets forth agreed-upon tenets for the international transmission of data, as outlined in the Privacy Shield Framework Program Overview. This ensures personal information that is transferred across the Atlantic from Europe to the U.S. for business-related purposes is protected by both countries.

To maintain a healthy flow of business between the continents, the agreement requires U.S. regulatory bodies to work with the EU in the interest of their citizens’ data protection, and must also offer satisfactory rectification of any situation where their data has been exploited.

A Brief History

The rise of digital data transmission brought about discussions of how to maintain citizens’ rights to privacy in the U.S. and abroad. These discussions and meetings between international leaders culminated in the International Safe Harbor Privacy Principles, an agreement crafted between 1998 and 2000 with a similar intent as the EU-US Privacy Shield.

It was formerly accepted by the European Commission, an EU institution responsible for proposing legislation and implementing decisions, in July of 2000. However, in the ensuing years, there were questions about compliance, and it was deemed outdated in 2015. The EU-US Privacy Shield was developed to take its place with updated provisions, but the agreement was not without controversy.

Self-Certification

If you’re working with a client who does business overseas, you can save everyone a headache and direct them to self-certify via the Privacy Shield Principles, if they have not already. Though you and your client may already be complying with these standards, having the seal of approval is a helpful way to instill faith in you and your client. Anyone using Privacy Shield Principles can also easily access and connect with a list of businesses who are also certified.

Most Recent Annual Review

The EU-U.S. Privacy Shield is subject to an annual review to maintain updates and discuss the effectiveness of the agreement. The second and most recent annual review occured on Oct. 19, 2018, in Brussels, where a meeting and review was held between U.S. government leaders, the European Commission their data protection authorities.

According to a press release announcing the meeting, “Since the Shield came into effect on 1 August 2016, nearly 4,000 U.S. companies have self-certified,” though the future of the agreement is uncertain at this point.

Trustpoint.One offers peace of mind through industry-leading security across our entire hosted platform environment. To protect your data, we’re not only Privacy Shield certified, but also SOC 2 Type 2, ISO 27001 and HIPPA certified, as well.

Contact us today to see how Trustpoint.One can help you during eDiscovery.